IN THE CLAIMS 

Claims 1, 1 1, 34, 37, 50-54, and 57 are amended herein. All pending claims and their 
present status are produced below. 



1 1 . (Currently Amended) A computer-implemented method for managing access to a 

2 resource, comprising: 

3 receiving, from a first user having an authentication credential with respect to the 

4 resource, a message that a second user be granted access to the resource; 

5 receiving, from the second user, a request to access the resource; and 

6 responsive to the request from the second user, obtaining the first user's 

7 authentication credential and granting the second user access to the 

8 resource by providing to the resource t he first user's authentication 

9 credential to th e r e sourc e , wherein the first user's authentication credential 
10 is not provided to the second user . 

1 2. (Original) The method of claim 1 , wherein granting the second user access comprises 

2 activating a temporary access credential for the second user. 

1 3. (Original) The method of claim 1 , wherein granting the second user access comprises 

2 creating an entity relationship between an account associated with the second user and an account 

3 associated with the first user. 

1 4. (Original) The method of claim 3, wherein the account associated with the second 

2 user comprises a support representative account. 
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1 5. (Original) The method of claim 1 , wherein the message identifies the second user and 

2 specifies a level of access for the second user, and wherein granting the second user access 

3 comprises granting the specified level of access. 

1 6. (Original) The method of claim 1, wherein the second user belongs to a group of 

2 users, and the message identifies the group of users to which the second user belongs. 

1 7. (Original) The method of claim 6, further comprising: 

2 receiving an identifier from the second user, identifying the second user as 

3 belonging to the group of users. 

/ 8. (Original) The method of claim 6, further comprising: 

2 authenticating the second user as belonging to the group of users. 

/ 9. (Original) The method of claim 6, wherein the group comprises support 

2 representatives. 

/ 10. (Original) The method of claim 1, further comprising: 

2 authenticating the second user; 

3 and wherein granting the second user access to the resource comprises: 

4 responsive to the request from the second user and responsive to the 

5 authentication of the second user being successful, granting the second 

6 user access to the resource by providing the first user's authentication 

7 credential to the resource. 
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/ 11. (Currently Amended) The method of claim 1 , wherein granting the second user 

2 access to the resource comprises granting the second user a level of access different from the a 

3 level of access available to the first user. 

/ 12. (Original) The method of claim 1, wherein receiving the message comprises 

2 receiving the message via a network. 

/ 13. (Original) The method of claim 12, wherein receiving the request comprises 

2 receiving the request via the network. 

/ 14. (Original) The method of claim 12, wherein receiving the request comprises 

2 receiving the request via a second network. 

/ 15. (Original) The method of claim 1, further comprising storing in an audit log 

2 information describing the second user's access to the resource and identifying the second user in 

3 connection with the access. 

1 16. (Original) A computer-implemented method for managing levels of access to a 

2 resource for at least two users, comprising: 

3 establishing a control relationship between a first user's authentication credential 

4 and a second user's authentication credential, the control relationship 

5 allowing the first user to specify at least one parameter of the second 

6 user's level of access to a resource; 

7 receiving, from the second user, a request to access the resource; and 
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8 responsive to the request from the second user, granting the second user access to 

• 9 the resource according to the second user's level of access as specified by 

10 the first user. 

1 17. (Original) The method of claim 16, wherein the second user is a support 

2 representative. 

/ 18. (Original) The method of claim 16, further comprising: 

2 terminating the second user's access to the resource. 

/ 19. (Original) The method of claim 1 or 16, further comprising: 

2 terminating the second user's access to the resource after a predetermined time 

3 period. 

/ 20. (Original) The method of claim 19, wherein the predetermined time period is 

2 selectable by the first user. 

1 21. (Original) The method of claim 1 or 16, further comprising: 

2 terminating the second user's access to the resource after the second user has accessed the 

3 resource a predetermined number of times. 

1 22. (Original) The method of claim 21, wherein the predetermined number of times is 

2 selectable by the first user. 

7 23. (Original) The method of claim 1 or 16, further comprising: 
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2 terminating the second user's access to the resource in response to a command 

- 3 received from the first user. 

7 24. (Original) The method of claim 1 or 16, further comprising: 

2 terminating the second user's access to the resource in response to a 

3 predetermined event. 

J 25. (Original) The method of claim 1 or 16, further comprising: 

2 responsive to granting the second user access, outputting, to the first user, 

3 notification of the second user's access to the resource. 

1 26. (Original) The method of claim 1 or 16, further comprising: 

2 responsive to granting the second user access, storing information describing the 

3 second user's access to the resource. 

1 27. (Original) The method of claim 26, wherein storing information comprises storing 

2 the information in an audit log. 

1 .28. (Original) The method of claim 1 or 16, further comprising: 

2 storing information describing at least one subsequent interaction with the 

3 resource. 

/ 29. (Original) The method of claim 28, wherein storing information comprises, for each 



2 interaction, storing information identifying which user accesses the resource. 
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1 30. (Original) The method of claim 1 or 16, wherein the access to the resource by the 

2 second user is masked so that the resource is unable to distinguish it from access by the first user. 

/ 31. (Original) The method of claim 16, wherein the first user's level of access is 

2 different from the second user's level of access. 

/ 32. (Original) The method of claim 1 or 16, wherein the resource comprises at least one 

2 selected from the group consisting of: 

3 a data file; 

4 a data file stored at a server; 

5 ■ an application; and 

6 data associated with the first user. 

7 33. (Original) The method of claim 1 or 16, wherein the steps of the method are 
2 performed by a web-based application. 

/ 34. (Currently Amended) A system for granting resource access to a second user in 

2 response to a message from a first user, comprising: 

3 an authenticator communicatively adapted to receive over a network connection 

4 authentication credentials of the first and second users and adapted to 

5 authenticate each user from the authentication credentials; 

6 an access level control module, communicatively coupled to the authenticator, for 

7 defining for each user a level of access to a resource for the user; and 

8 a resource interface, communicatively coupled to the access level control module, 

9 for granting the second user access to the resource by providing the first 
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10 ' user's authentication credential to the authenticator for authentication^ 

. 11 wherein the first user's authentication credential is not provided to the 

12 second user . 

/ 35. (Original) The system of claim 34, wherein the access level control module activates 

2 a temporary access credential for the second user. 

/ 36. (Original) The system of claim 34, wherein the access level control module creates 

2 an entity relationship between an account associated with the second user and an account 

3 associated with the first user. 

7 37. (Currently Amended) A system for granting resource access to a second user in 

2 response to a message from a first user, comprising: 

3 an access level control module, for establishing a control relationship between tfee- 

4 first us e r's an authentication credential associated with the first user and 

5 th e second us e r's an authentication credential associated with the second 

6 user , the control relationship allowing the first user to control at least one 

7 parameter of the second user's level of access; and 

8 a resource interface, coupled to the access level control module, for granting the 

9 second user access to the resource according to the second user's level of 

10 access, by providing to the resource the first user's authentication 

11 credential to th e r e sourc e , wherein the first user's authentication credential 

12 is not provided to the second user . 
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1 38. (Original) The system of claim 34 or 37, wherein the resource interface further 

2 terminates the second user's access to the resource. 

/ 39. (Original) The system of claim 34 or 37, wherein the resource interface further 

2 terminates the second user's access to the resource after a predetermined time period. 

1 40. (Original) The system of claim 39, wherein the predetermined time period is 

2 selectable by the first user. 

7 41. (Original) The system of claim 34 or 37, wherein the resource interface further 

2 terminates the second user's access to the resource after the second user has accessed the 

3 resource a predetermined number of times. 

1 42. (Original) The system of claim 41, wherein the predetermined number of times is 

2 selectable by the first user. 

7 43. (Original) The system of claim 34 or 37, wherein the resource interface further 

2 terminates the second user's access to the resource in response to a command received from the 

3 first user. 

/ 44. (Original) The system of claim 34 or 3 7, wherein the resource interface further 

2 terminates the second user's access to the resource in response to a predetermined event. 

/ 45. (Original) The system' of claim 34 or 37, further comprising: 

2 an output device, coupled to the resource interface, for outputting, to the first user, 

3 notification of the second user's access to the resource. 
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7 46. (Original) The system of claim 34 or 37, further comprising: 

2 a storage device, coupled to the resource interface, for storing information 

3 describing the second user's access to the resource. 

/ 47. (Original) The system of claim 46, wherein the storage device stores information 

2 identifying which user accesses the resource. 

1 48. (Original) The system of claim 34 or 37, wherein the access to the resource by the 

2 second user is masked so that the resource is unable to distinguish it from access by the first user. 

/ 49. (Original) The system of claim 34 or 37, wherein the resource comprises at least one 

2 selected from the group consisting of: 

3 a data file; 

4 a data file stored at a server; 

5 an application; and 

6 data associated with the first user. 

1 50. (Currently Amended) In a client/server system for granting resource access to a 

2 second user in response to a message from a first user specifying that the second user be granted 

3 access to the resource, a server comprising: 

4 an authenticator, for authenticating each user according to authentication 

5 credentials; 

6 an access level control module, coupled to the authenticator, for defining a level 

7 of access to the resource for each user; and 
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8 a resource interface, coupled to the access level control module, for granting to a 

. 9 client operated by the second user access to the resource by providing to. 

10 the resource the first user's authentication credential to the r e source, , 

11 wherein the first user's authentication credential is not provided to the 

12 second user . 

/ 51. (Currently Amended) In a client/server system for granting resource access to a 

2 second user in response to a message from a first user specifying that the second user be granted 

3 access to the resource, a server comprising: 

4 an access level control module, for establishing a control relationship between the 

5 first user's authentication credential and the second user's authentication 

6 credential, the control relationship allowing the first user to control at least 

7 one parameter of the second user's level of access; and 

8 a resource interface, coupled to the access level control module, for granting to the 

9 client operated by the second user access to the resource according to the 
10 second user's level of access, by providing to the resource the first user's 
/ 1 authentication credential to th e r e source , wherein the first user's 

12 authentication credential is not provided to the second user . 

/ 52. (Currently Amended) In a client/server system for managing user access to a 

2 resource, including a server having an authenticator for authenticating at least two users 

3 according to authentication credentials, an access level control module for defining a level of 

4 access to the resource for each of at least a first user and a second user, and a resource interface 

5 for granting to the second user access to the resource by providing to the resource the first user's 

6 authentication credential to th e r e source , a client comprising: 
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7 an input device, for receiving input from a first user specifying that a second user 

• 8 be granted access to the resource; and 

9 an output device, for transmitting the received input to the access level control 

10 module to grant to the second user the access to the resource. 

1 53. (Currently Amended) In a client/server system for managing user access to a 



2 resource including a server having an access level control module for establishing a control 

3 relationship between a first user's authentication credential and a second user's authentication 

4 credential, the control relationship allowing the first user to control at least one parameter of the 

5 second user's level of access, and a resource interface for granting to the client operated by the 

6 second user access to the resource according to the second user's level of access, by providing to 

7 the resource the first user's authentication credential to th e r e sourc e, a client comprising: 



8 an input device, for receiving input from a first user specifying that a second user 

9 be granted access to the resource and for receiving input from the first user 

10 specifying at least one parameter of the second user's level of access; and 

11 an output device, for transmitting the received input to the access level control 

12 module to grant to the second user the access to the resource. 

/ 54. (Currently Amended) A computer program product comprising a computer-usable 

2 medium having computer-readable code embodied therein for managing access to a resource, 

3 comprising: 

4 computer-readable program code configured to cause a computer to receive, from 

5 a first user having an authentication credential with respect to the resource, 

6 a message that a second user be granted access to the resource; 
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7 computer-readable program code configured to cause a computer to receive, from 

. 8 the second user, a request to access the resource; and 

9 computer-readable program code configured to cause a computer to, responsive to 

10 the request from the second user, obtain the first user's authentication 

11 credential and grant the second user access to the resource by providing to_ 

12 the resource the first user's authentication credential to th e r e source^ 

13 wherein the first user's authentication credential is not provided to the 

14 second user , 

1 55. (Original) The computer program product of claim 54, wherein the computer- 



2 readable program code configured to cause a computer to grant the second user access comprises 

3 computer-readable program code configured to cause a computer to activate a temporary access 

4 credential for the second user. 



/ 56. (Original) The computer program product of claim 54, wherein the computer- 

2 readable program code configured to cause a computer to grant the second user access comprises 

3 computer-readable program code configured to cause a computer to create an entity relationship 

4 between an account associated with the second user and an account associated with the first user. 

/ 57. (Currently Amended) The computer program product of claim 54, further 

2 comprising: 

3 computer-readable program code configured to cause a computer to authenticate 

4 the second user; 

5 and wherein the computer-readable program code configured to cause a computer 

6 to grant the second user access to the resource comprises: 
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7 computer-readable program code configured to cause a computer to, responsive to 

8 the request from the second user and responsive to the authentication of 

9 the second user being successful, grant the second user access to the 

10 resource by providing to the resource the first user's authentication 

11 credential to th e r e sourc e. 

1 58. (Original) A computer-implemented computer program product for managing levels 

2 of access to a resource for at least two users, comprising: 

3 computer-readable program code configured to cause a computer to establish a 

4 control relationship between a first user's authentication credential and a 

5 second user's authentication credential, the control relationship allowing 

6 the first user to specify at least one parameter of the second user's level of 

7 access to a resource; 

8 computer-readable program code configured to cause a computer to receive, from 

9 the second user, a request to access the resource; and 

10 computer-readable program code configured to cause a computer to, responsive to 

11 the request from the second user, grant the second user access to the 

12 resource according to the second user's level of access as specified by the 

13 first user. 

1 59. (Original) The computer program product of claim 54 or 58, further comprising: 

2 computer-readable program code configured to cause a computer to, responsive to 

3 granting the second user access, store information describing the second 

4 user's access to the resource. 
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1 60. (Original) The computer program product of claim 54 or 58, further comprising: 

2 computer-readable program code configured to cause a computer to store 

3 information describing at least one subsequent interaction with the 

4 resource. 

7 61 . (Original) The computer program product of claim 60, wherein the computer- 

2 readable program code configured to cause a computer to store information comprises, computer- 

3 readable program code configured to cause a computer to, for each interaction, store information 

4 identifying which user accesses the resource. . 

/ 62. (Original) The computer program product of claim 54 or 58, wherein the access to 

2 the resource by the second user is masked so that the resource is unable to distinguish it from 

3 access by the first user. 
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